{"id":10377,"library":"axios","title":"Axios HTTP Client","description":"Axios is a popular promise-based HTTP client for both the browser and Node.js. It simplifies making HTTP requests, handling responses, and integrating with APIs. The current stable version is v1.15.0, with regular patch releases addressing security fixes, bug reports, and compatibility improvements, alongside occasional minor versions.","status":"active","version":"1.15.0","language":"javascript","source_language":"en","source_url":"https://github.com/axios/axios","tags":["javascript","xhr","http","ajax","promise","node","browser","fetch","rest","typescript"],"install":[{"cmd":"npm install axios","lang":"bash","label":"npm"},{"cmd":"yarn add axios","lang":"bash","label":"yarn"},{"cmd":"pnpm add axios","lang":"bash","label":"pnpm"}],"dependencies":[],"imports":[{"symbol":"axios","correct":"import axios from 'axios';"}],"quickstart":{"code":"import axios from 'axios';\n\nasync function fetchData() {\n  try {\n    const response = await axios.get('https://jsonplaceholder.typicode.com/todos/1');\n    console.log(response.data);\n  } catch (error: any) {\n    console.error('Error fetching data:', error.message);\n  }\n}\n\nfetchData();","lang":"typescript","description":"Demonstrates a basic GET request using async/await to fetch data from a public API."},"warnings":[{"fix":"Ensure all header values conform to HTTP standards, using valid string characters without control characters or leading/trailing whitespace.","message":"Outgoing HTTP header values are now strictly sanitized (e.g., stripping invalid bytes, CRLF sequences, boundary whitespace). Requests with previously 'malformed' headers may now be rejected or altered.","severity":"breaking","affected_versions":"<1.x || <0.31.0"},{"fix":"Thoroughly test your proxy setup and CommonJS imports after upgrading to v1.14.0 or newer.","message":"If your application relies on environment-based proxy configurations (`NO_PROXY`/`no_proxy`) or specific CommonJS resolution edge-cases, these behaviors might have changed or require re-validation.","severity":"gotcha","affected_versions":">=1.14.0"},{"fix":"Upgrade to Axios v1.15.0 or later to resolve Node.js deprecation warnings related to `url.parse()`.","message":"Older versions of Axios might trigger Node.js console warnings regarding the use of the deprecated `url.parse()` method.","severity":"deprecated","affected_versions":"<1.15.0"},{"fix":"Upgrade to Axios v1.13.5 (for 1.x branch) or v0.30.3 (for 0.x branch) immediately to secure your application.","message":"A Denial of Service (DoS) vulnerability via the `__proto__` key in `mergeConfig` was patched. Older versions are vulnerable.","severity":"breaking","affected_versions":"<1.13.5 || <0.30.3"}],"env_vars":null,"last_verified":"2026-04-18T00:00:00.000Z","next_check":"2026-07-17T00:00:00.000Z","problems":[{"fix":"Upgrade to Axios v1.15.0 or later to use the updated internal implementation.","cause":"Axios versions prior to v1.15.0 used a deprecated Node.js API, causing deprecation warnings in recent Node.js environments.","error":"DeprecationWarning: url.parse() is deprecated"},{"fix":"Upgrade to Axios v1.13.5 or later to restore the `status` field in `AxiosError`.","cause":"A bug introduced in Axios v1.13.3 caused the 'status' field to be intermittently missing from AxiosError objects.","error":"AxiosError object is missing 'status' field"},{"fix":"Upgrade to Axios v1.13.2 or later to resolve the 'socket hang up' bug.","cause":"A bug in Axios versions prior to v1.13.2 could cause 'socket hang up' errors for keep-alive HTTP requests when timeouts were involved.","error":"Error: socket hang up (with keep-alive requests and timeouts)"},{"fix":"Upgrade to Axios v1.13.1 or later to fix data stream handling for non-OK HTTP responses.","cause":"A regression in Axios v1.13.0 caused issues where data streams were prematurely interrupted for responses with non-2xx status codes.","error":"Data stream interrupted for responses with non-OK HTTP statuses"}],"ecosystem":"npm"}